Filter URL messages via logstash
punisherVX opened this issue · 1 comments
punisherVX commented
Because the PoC of SFN isn't built to handle the gazillion messages associated with all of the URL info (and most of them are irrelevant anyway). The instructions do say to filter and send only malware, command-and-control, phishing and hacking URLs only, but apparently instructions are viewed more as bendable guidelines. So, we need to have Logstash filter these messages so we don't overload the SFN system.
punisherVX commented
These should be followed via the instructions